Closed zayhanlon closed 9 months ago
double-checked is enabled in the tagged client cloud
fyi broken image @zayhanlon
@mikermcneil i think cause i submitted in zenhub, it does appear for me though - did you fix something?
redacted client log for fleetd - flacourtia-log-encryption-orbit-osquery.log
@roperzh on latest main, with only Windows MDM turned on, and an MSI built with either the standard build command or TUF server, I receive the following error:
disk_encryption
:
{status: "failed",…}
detail
:
"there was an error preparing the volume for encryption - error: prepareVolume(C:): error code returned during encryption: -2144845809"
status
:
"failed"
@sabrinabuckets thanks! that error seems to be that the machine doesn't have TPM enabled which is a requirement for disk encryption on Windows (fortunately a separate error)
For our future selves: we both discussed opening a separate ticket, but I think this is the expected behavior as long as it shows as "failed" in the "controls" page
Successfully able to configure and verify Disk encryption on Windows hosts with only Windows MDM configured and with both macOS & Windows MDM configured.
Encryption's key, In cloud city, disks secure, Fleet's trust in code weaves.
Fleet version: <!-- Copy this from the "My account" page in the Fleet UI, or run
fleetctl --version
--> 4.41 (managed cloud)Web browser and operating system: Chrome on macOS
💥 Actual behavior
400 Bad Request error with details that 'MDM is not turned on' for a customer with MDM turned on, attempting to turn on Disk Encryption for Windows
🧑💻 Steps to reproduce
FLEET_MDM_WINDOWS_WSTEP_IDENTITY_CERT
andFLEET_MDM_WINDOWS_WSTEP_IDENTITY_KEY
(no Apple configs)🕯️ More info (optional)
Note- this customer does not have macOS MDM turned on - could that be a factor?